package com.aaa.security;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@Configuration
public class CrosConfig {
    //跨域拦截器
    @Bean
    public CorsFilter corsFilter(){
        //跨域配置
        CorsConfiguration corsConfiguration=new CorsConfiguration();
        //允许的请求方式 get post delete
        corsConfiguration.addAllowedMethod("*");
        //允许的域名: vue http://localhost:8080
       // corsConfiguration.addAllowedOrigin("http://localhost:8080");
         corsConfiguration.addAllowedOriginPattern("*");
        //请求头
        corsConfiguration.addAllowedHeader("*");
        //携带凭证:sessionld
        corsConfiguration.setAllowCredentials(true);
        //基于请求地址url的跨域配置源
        UrlBasedCorsConfigurationSource basedCorsConfigurationSource=new UrlBasedCorsConfigurationSource();
        // /** 所有地址
        basedCorsConfigurationSource.registerCorsConfiguration("/**",corsConfiguration);
        return new CorsFilter(basedCorsConfigurationSource);
    }
}
